Many thanks for getting back to me Ray! I'm proud to have figured this one out. It was, as you said, the dump script added to the failure page during de-bugging. No one caught it until an invalid credit card was used. BTW: People who have credit cards declining are just the ones I don't want the full string being visible for, so I'm glad it came out the way it did and not after someone cleaned me out.
I appreciate your being there to help so quickly. Your tireless service is huge and what I mention most to those I recommend WebAssist to.